omniauth-fortnox-oauth2 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: a4022f4d3f910ee1f59a350edebc056f1dd60b93c91895b93ce703757b163f57
+  data.tar.gz: 186a3c2d187f38b97509e8b4594640104d8c70435b5e48aff812b433ae69b49f
+SHA512:
+  metadata.gz: 329f0f93ccb9daedc67ff40083b336dd3b9ca973256391805dec85693aee894b9c44338f52e98f4e5264a265597b8332939f9b135cea77630b592eb800bd9130
+  data.tar.gz: 8e77814e839af30c89b41823255372ea40d0a5a97dc5bafca6b955b270d50dac5fed587f687458b4869424fa1946fb0846695628d35574e5ca30dd48619cf79b

data/.github/workflows/gempush.yml

@@ -0,0 +1,41 @@
+name: Gem push
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  github:
+    name: Build + Publish to GitHub
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby 3.0.0
+      uses: actions/setup-ruby@v1
+      with:
+        version: 3.0.0
+    - name: Publish to GitHub
+      uses: jstastny/publish-gem-to-github@master
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+        owner: standout
+
+  rubygems:
+    name: Build + Publish to Rubygems
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby 3.0.0
+      uses: actions/setup-ruby@v1
+      with:
+        version: 3.0.0
+    - name: Publish to RubyGems
+      run: |
+        mkdir -p $HOME/.gem
+        touch $HOME/.gem/credentials
+        chmod 0600 $HOME/.gem/credentials
+        printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+        gem build *.gemspec
+        gem push *.gem
+      env:
+        GEM_HOST_API_KEY: ${{secrets.RUBYGEMS_AUTH_TOKEN}}

data/.github/workflows/main.yml

@@ -0,0 +1,18 @@
+name: Ruby
+
+on: [pull_request]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: 3.0.0
+    - name: Run the default task
+      run: |
+        gem install bundler -v 2.2.3
+        bundle install
+        bundle exec rake

data/.gitignore

@@ -0,0 +1,2 @@
+.DS_Store
+app/

data/.ruby-version

@@ -0,0 +1 @@
+3.0.0

data/Gemfile

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in omniauth-flattr.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,98 @@
+PATH
+  remote: .
+  specs:
+    omniauth-fortnox-oauth2 (0.0.1)
+      omniauth-oauth2
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.8.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    byebug (11.1.3)
+    coderay (1.1.3)
+    crack (0.4.5)
+      rexml
+    diff-lcs (1.4.4)
+    faraday (1.8.0)
+      faraday-em_http (~> 1.0)
+      faraday-em_synchrony (~> 1.0)
+      faraday-excon (~> 1.1)
+      faraday-httpclient (~> 1.0.1)
+      faraday-net_http (~> 1.0)
+      faraday-net_http_persistent (~> 1.1)
+      faraday-patron (~> 1.0)
+      faraday-rack (~> 1.0)
+      multipart-post (>= 1.2, < 3)
+      ruby2_keywords (>= 0.0.4)
+    faraday-em_http (1.0.0)
+    faraday-em_synchrony (1.0.0)
+    faraday-excon (1.1.0)
+    faraday-httpclient (1.0.1)
+    faraday-net_http (1.0.1)
+    faraday-net_http_persistent (1.2.0)
+    faraday-patron (1.0.0)
+    faraday-rack (1.0.0)
+    hashdiff (1.0.1)
+    hashie (4.1.0)
+    jwt (2.2.3)
+    method_source (1.0.0)
+    multi_json (1.15.0)
+    multi_xml (0.6.0)
+    multipart-post (2.1.1)
+    oauth2 (1.4.7)
+      faraday (>= 0.8, < 2.0)
+      jwt (>= 1.0, < 3.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (2.0.4)
+      hashie (>= 3.4.6)
+      rack (>= 1.6.2, < 3)
+      rack-protection
+    omniauth-oauth2 (1.7.1)
+      oauth2 (~> 1.4)
+      omniauth (>= 1.9, < 3)
+    pry (0.13.1)
+      coderay (~> 1.1)
+      method_source (~> 1.0)
+    pry-byebug (3.9.0)
+      byebug (~> 11.0)
+      pry (~> 0.13.0)
+    public_suffix (4.0.6)
+    rack (2.2.3)
+    rack-protection (2.1.0)
+      rack
+    rake (13.0.6)
+    rexml (3.2.5)
+    rspec (3.10.0)
+      rspec-core (~> 3.10.0)
+      rspec-expectations (~> 3.10.0)
+      rspec-mocks (~> 3.10.0)
+    rspec-core (3.10.1)
+      rspec-support (~> 3.10.0)
+    rspec-expectations (3.10.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-mocks (3.10.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-support (3.10.2)
+    ruby2_keywords (0.0.5)
+    webmock (3.14.0)
+      addressable (>= 2.8.0)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
+
+PLATFORMS
+  x86_64-darwin-19
+
+DEPENDENCIES
+  omniauth-fortnox-oauth2!
+  pry-byebug
+  rake
+  rspec (> 3)
+  webmock
+
+BUNDLED WITH
+   2.2.3

data/README.md

@@ -0,0 +1,130 @@
+# OmniAuth Fortnox OAuth2 Strategy
+
+Strategy to authenticate with Fortnox via OAuth2 in OmniAuth.
+
+You will need to create your app in order to get `Client-ID` and `Client-Secret`, read more here: [Fortnox](https://developer.fortnox.se/get-started-details/#create-your-app)
+
+For more details, read the Fortnox docs: [Fortnox Developer](https://developer.fortnox.se/general/authentication/)
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'omniauth-fortnox-oauth2'
+```
+
+And then execute:
+
+    $ bundle install
+
+Or install it yourself as:
+
+    $ gem install omniauth-fortnox-oauth2
+
+## Usage
+
+Here's an example for adding the middleware to a Rails app in config/initializers/omniauth.rb:
+
+```ruby
+  provider :fortnox_oauth2,
+            'client-id',
+            'client-secret',
+            scope: 'companyinformation',
+```
+
+Can also be set up with dynamic configuration:
+
+```ruby
+  provider :fortnox_oauth2,
+           setup: (lambda do |env|
+                     # The following can be set dynamically from params, session, or ENV
+
+                     env['omniauth.strategy'].options[:client_id] = 'client-id'
+                     env['omniauth.strategy'].options[:client_secret] = 'client-secret'
+                     env['omniauth.strategy'].options[:scope] = 'companyinformation'
+                   end)
+```
+
+
+You can now access the OmniAuth Fortnox OAuth2 URL: /auth/fortnox_oauth2
+Later a controller can be set up to handle the response after authentication, for example:
+
+```ruby
+get '/auth/fortnox_oauth2/callback', to: 'auth/fortnox_oauth2#callback'
+```
+
+## Configuration
+
+You can configure several options, which you pass in to the provider method via a hash:
+
+* `scope`: A comma-separated list of permissions you want to request from the user. See the [Fortnox](https://developer.fortnox.se/general/scopes/) for a full list of available permissions. Caveats:
+  * Note that you app will need the same scopes! The scope `companyinformation` is used by default. By defining your own `scope`, you override these defaults.
+
+* `callback_url`: Override the callback_url used by the gem.
+
+You can also configure the `client_options` by passing in any of the following settings in a `client_options` hash, inside options.
+
+* `site`: Override the site used by the gem, default: `https://apps.fortnox.se`.
+
+* `token_url`: Override the token_url used by the gem, default: `/oauth-v1/token`.
+
+* `authorize_url`: Override the authorize_url used by the gem, default `/oauth-v1/auth`.
+
+* `auth_scheme`: Override the auth_scheme used by the gem, default `:basic_auth`.
+
+* `token_method`: Override the token_method used by the gem, default `:post`.
+
+## Auth Hash
+
+Here's an example of an authentication hash available in the callback by accessing `request.env['omniauth.auth']`:
+
+```ruby
+{
+  "provider" => "fortnox_oauth2",
+  "uid" => "556469-6291",
+  "info" => {
+    "address" => "Bollvägen",
+    "city" => "Växjö",
+    "country_code" => "SE",
+    "database_number" => "654896",
+    "company_name" => "Fortnox",
+    "organization_number" => "556469-6291",
+    "zip_code" => "35246"
+  },
+  "credentials" => {
+    "token" => "TOKEN",
+    "refresh_token" => "REFRESH_TOKEN",
+    "expires_at" => 1496120719,
+    "expires" => true
+  },
+  "extra" => {
+    "raw_info" => {
+      "Address" => "Bollvägen",
+      "City" => "Växjö",
+      "CountryCode" => "SE",
+      "DatabaseNumber" => "654896",
+      "CompanyName" => "Fortnox",
+      "OrganizationNumber" => "556469-6291",
+      "VisitAddress" => "",
+      "VisitCity" => "",
+      "VisitZipCode" => "",
+      "ZipCode" => "35246",
+    }
+  }
+}
+```
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/standout/omniauth-fortnox-oauth2.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+# !/usr/bin/env rake
+
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+desc 'Default: run specs.'
+task default: :spec
+
+desc 'Run specs'
+RSpec::Core::RakeTask.new
+
+desc 'Run specs'
+task default: :spec

data/bin/console

@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'bundler/setup'
+require 'omniauth-fortnox'
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require 'irb'
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install

data/lib/omniauth/fortnox_oauth2/api.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'net/https'
+require 'uri'
+
+module OmniAuth
+  module FortnoxOAuth2
+    # API
+    class API
+      class Error < StandardError; end
+
+      def initialize(token)
+        @access_token = token
+        @base_uri = 'https://api.fortnox.se/3'
+      end
+
+      def get(url)
+        uri = URI([@base_uri, url].join(''))
+        http = Net::HTTP.new(uri.host, uri.port)
+        http.use_ssl = true
+
+        request = build_request(uri)
+        response = http.request(request)
+        raise Error, "#{response.code}: #{response.body}" unless response.code == '200'
+
+        JSON.parse(response.body)
+      end
+
+      private
+
+      def build_request(uri)
+        request = Net::HTTP::Get.new(uri)
+        request['Authorization'] = "Bearer #{@access_token}"
+        request['Content-Type'] = 'application/json'
+        request['Accept'] = 'application/json'
+
+        request
+      end
+    end
+  end
+end

data/lib/omniauth/fortnox_oauth2/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Omniauth
+  module FortnoxOAuth2
+    VERSION = '0.0.1'
+  end
+end

data/lib/omniauth/strategies/fortnox_oauth2.rb

@@ -0,0 +1,88 @@
+# frozen_string_literal: true
+
+require 'omniauth-oauth2'
+
+module OmniAuth
+  module Strategies
+    # Fortnox
+    class FortnoxOauth2 < OmniAuth::Strategies::OAuth2
+      DEFAULT_SCOPE = 'companyinformation'
+
+      option :name, 'fortnox_oauth2'
+
+      option :client_options, {
+        site: 'https://apps.fortnox.se',
+        token_url: '/oauth-v1/token',
+        authorize_url: '/oauth-v1/auth',
+        auth_scheme: :basic_auth,
+        token_method: :post
+      }
+
+      option :authorize_options, %i[scope state]
+      option :provider_ignores_state, false
+
+      uid { raw_info['CompanyInformation']['OrganizationNumber'] }
+
+      info do
+        prune!(
+          'address' => raw_info['CompanyInformation']['Address'],
+          'city' => raw_info['CompanyInformation']['City'],
+          'country_code' => raw_info['CompanyInformation']['CountryCode'],
+          'database_number' => raw_info['CompanyInformation']['DatabaseNumber'],
+          'company_name' => raw_info['CompanyInformation']['CompanyName'],
+          'organization_number' => raw_info['CompanyInformation']['OrganizationNumber'],
+          'visit_address' => raw_info['CompanyInformation']['VisitAddress'],
+          'visit_city' => raw_info['CompanyInformation']['VisitCity'],
+          'visit_country_code' => raw_info['CompanyInformation']['VisitCountryCode'],
+          'visit_zip_code' => raw_info['CompanyInformation']['VisitZipCode'],
+          'zip_code' => raw_info['CompanyInformation']['ZipCode']
+        )
+      end
+
+      extra do
+        hash = {}
+        hash['raw_info'] = raw_info unless skip_info?
+        prune! hash
+      end
+
+      def raw_info
+        return if access_token.blank?
+
+        api_client = OmniAuth::FortnoxOAuth2::API.new(access_token&.token)
+        @raw_info ||= api_client.get('/companyinformation')
+      end
+
+      def request_phase
+        options[:authorize_params] = {
+          client_id: options['client_id'],
+          response_type: 'code',
+          scope: (options['scope'] || DEFAULT_SCOPE)
+        }
+
+        super
+      end
+
+      def callback_url
+        options[:callback_url] || (full_host + script_name + callback_path)
+      end
+
+      def build_access_token
+        verifier = request.params['code']
+        client.auth_code.get_token(
+          verifier,
+          { redirect_uri: callback_url }.merge(token_params.to_hash(symbolize_keys: true)),
+          deep_symbolize(options.auth_token_params)
+        )
+      end
+
+      private
+
+      def prune!(hash)
+        hash.delete_if do |_, value|
+          prune!(value) if value.is_a?(Hash)
+          value.nil? || (value.respond_to?(:empty?) && value.empty?)
+        end
+      end
+    end
+  end
+end

data/lib/omniauth-fortnox-oauth2.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+require 'omniauth/fortnox_oauth2/version'
+require 'omniauth/fortnox_oauth2/api'
+require 'omniauth/strategies/fortnox_oauth2'

data/omniauth-fortnox-oauth2.gemspec

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+$LOAD_PATH.push File.expand_path('lib', __dir__)
+require 'omniauth/fortnox_oauth2/version'
+
+Gem::Specification.new do |gem|
+  gem.name        = 'omniauth-fortnox-oauth2'
+  gem.version     = Omniauth::FortnoxOAuth2::VERSION
+  gem.authors     = ['svenne87']
+  gem.email       = ['devops@standout.se']
+  gem.homepage    = 'https://github.com/standout/omniauth-fortnox-oauth2'
+  gem.description = 'OmniAuth OAuth2 strategy for Fortnox'
+  gem.summary     = gem.description
+  gem.licenses    = ['MIT']
+
+  gem.metadata['homepage_uri'] = gem.homepage
+  gem.metadata['source_code_uri'] = gem.homepage
+  gem.metadata['changelog_uri'] = gem.homepage
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ['lib']
+
+  gem.required_ruby_version = '~> 3.0'
+
+  gem.add_dependency 'omniauth-oauth2'
+
+  gem.add_development_dependency 'pry-byebug'
+  gem.add_development_dependency 'rake'
+  gem.add_development_dependency 'rspec', '> 3'
+  gem.add_development_dependency 'webmock'
+end

data/spec/helper.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+$LOAD_PATH.unshift File.expand_path(__dir__)
+$LOAD_PATH.unshift File.expand_path('../lib', __dir__)
+
+require 'rspec'
+require 'webmock/rspec'
+require 'omniauth'
+require 'omniauth-fortnox-oauth2'
+
+RSpec.configure do |config|
+  config.expect_with :rspec do |c|
+    c.syntax = :expect
+  end
+  config.extend OmniAuth::Test::StrategyMacros, type: :strategy
+  config.include WebMock::API
+end

data/spec/omniauth/fortnox_oauth/api_spec.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require 'helper'
+
+describe OmniAuth::FortnoxOAuth2::API do
+  subject(:api) { OmniAuth::FortnoxOAuth2::API.new(token) }
+
+  let(:token) { 'abc' }
+
+  describe '#get' do
+    let(:headers) do
+      {
+        'Accept' => 'application/json',
+        'Authorization' => 'Bearer abc',
+        'Content-Type' => 'application/json'
+      }
+    end
+
+    before do
+      stub_request(:get, 'https://api.fortnox.se/3/companyinformation')
+        .with(
+          headers: headers
+        ).to_return(status: 200, body: { 'x' => 'o' }.to_json, headers: {})
+    end
+
+    it 'performs the OmniAuth::Strategy included hook' do
+      api.get('/companyinformation')
+      expect(a_request(:get, 'https://api.fortnox.se/3/companyinformation'))
+        .to have_been_made
+        .once
+    end
+  end
+end

data/spec/strategies/fortnox_spec.rb

@@ -0,0 +1,292 @@
+# frozen_string_literal: true
+
+require 'helper'
+
+describe OmniAuth::Strategies::FortnoxOauth2 do
+  def app
+    lambda do |_env|
+      [200, {}, ['Hello.']]
+    end
+  end
+
+  subject(:fortnox_oauth2) do
+    OmniAuth::Strategies::FortnoxOauth2.new(*args)
+  end
+
+  let(:args) { ['client_id', 'client_secret', options] }
+  let(:options) { { callback_url: 'https://example.com/callback' } }
+
+  before do
+    OmniAuth.config.test_mode = true
+  end
+
+  after do
+    OmniAuth.config.test_mode = false
+  end
+
+  describe 'Subclassing Behavior' do
+    it 'performs the OmniAuth::Strategy included hook' do
+      expect(OmniAuth.strategies)
+        .to include(OmniAuth::Strategies::FortnoxOauth2)
+    end
+  end
+
+  describe '#client' do
+    context 'client options' do
+      let(:options) { { client_options: client_options } }
+      let(:client_options) { {} }
+
+      it 'has the correct name' do
+        expect(fortnox_oauth2.options.name).to eq('fortnox_oauth2')
+      end
+
+      context 'when using default settings' do
+        it 'has the default site set' do
+          expect(fortnox_oauth2.options.client_options.site)
+            .to eq('https://apps.fortnox.se')
+        end
+
+        it 'has the default token_url set' do
+          expect(fortnox_oauth2.options.client_options.token_url)
+            .to eq('/oauth-v1/token')
+        end
+
+        it 'has the default authorize_url set' do
+          expect(fortnox_oauth2.options.client_options.authorize_url)
+            .to eq('/oauth-v1/auth')
+        end
+
+        it 'has the default token_method set' do
+          expect(fortnox_oauth2.options.client_options.token_method)
+            .to eq(:post)
+        end
+
+        it 'has the default auth_scheme set' do
+          expect(fortnox_oauth2.options.client_options.auth_scheme)
+            .to eq(:basic_auth)
+        end
+      end
+
+      context 'when changing client options' do
+        let(:client_options) do
+          {
+            site: 'https://www.example.com',
+            token_url: '/oauth-v2/token',
+            authorize_url: '/oauth-v2/auth',
+            auth_scheme: :request_body,
+            token_method: :get
+          }
+        end
+
+        it 'has the passed site set' do
+          expect(fortnox_oauth2.options.client_options.site)
+            .to eq('https://www.example.com')
+        end
+
+        it 'has the passed token_url set' do
+          expect(fortnox_oauth2.options.client_options.token_url)
+            .to eq('/oauth-v2/token')
+        end
+
+        it 'has the passed authorize_url set' do
+          expect(fortnox_oauth2.options.client_options.authorize_url)
+            .to eq('/oauth-v2/auth')
+        end
+
+        it 'has the passed auth_scheme set' do
+          expect(fortnox_oauth2.options.client_options.auth_scheme)
+            .to eq(:request_body)
+        end
+
+        it 'has the passed token_method set' do
+          expect(fortnox_oauth2.options.client_options.token_method)
+            .to eq(:get)
+        end
+      end
+    end
+  end
+
+  describe '#callback_phase' do
+    context 'when an error occurs' do
+      let(:error_request) do
+        double(
+          'Request',
+          params: { 'error_reason' => 'user_denied', 'error' => 'access_denied' }
+        )
+      end
+
+      before do
+        allow(fortnox_oauth2).to receive(:request) { error_request }
+      end
+
+      it 'calls fail with the client error received' do
+        expect(fortnox_oauth2)
+          .to receive(:fail!)
+          .with('user_denied', anything)
+
+        fortnox_oauth2.callback_phase
+      end
+    end
+  end
+
+  describe '#uid' do
+    before do
+      allow(fortnox_oauth2)
+        .to receive(:raw_info)
+        .and_return({ 'CompanyInformation' => { 'OrganizationNumber' => '555555-5555' } })
+    end
+
+    it 'sets the correct uid from companyinformation organization number' do
+      expect(fortnox_oauth2.uid).to eq('555555-5555')
+    end
+  end
+
+  describe '#credentials' do
+    let(:access_token) do
+      double(
+        'OAuth2::AccessToken',
+        token: 'abc',
+        refresh_token: 'cde',
+        expires_at: 1_632_830_458,
+        expires?: true
+      )
+    end
+
+    before do
+      allow(fortnox_oauth2).to receive(:access_token).and_return(access_token)
+    end
+
+    it 'returns the correct access token' do
+      expect(fortnox_oauth2.credentials['token']).to eq('abc')
+    end
+
+    it 'returns the correct refresh token' do
+      expect(fortnox_oauth2.credentials['refresh_token']).to eq('cde')
+    end
+
+    it 'returns the correct expires at' do
+      expect(fortnox_oauth2.credentials['expires_at']).to eq(1_632_830_458)
+    end
+  end
+
+  describe '#info' do
+    let(:raw_info) do
+      {
+        'CompanyInformation' => {
+          'Address' => 'Bollvägen',
+          'City' => 'Växjö',
+          'CountryCode' => 'SE',
+          'DatabaseNumber' => '654896',
+          'CompanyName' => 'Fortnox',
+          'OrganizationNumber' => '555555-5555',
+          'VisitAddress' => '',
+          'VisitCity' => '',
+          'VisitCountryCode' => '',
+          'VisitZipCode' => '',
+          'ZipCode' => '35246'
+        }
+      }
+    end
+
+    context 'with formatted info' do
+      before do
+        allow(fortnox_oauth2).to receive(:raw_info).and_return(raw_info)
+      end
+
+      it 'return info without blank values' do
+        expect(fortnox_oauth2.info).to eq(
+          {
+            'address' => 'Bollvägen',
+            'city' => 'Växjö',
+            'country_code' => 'SE',
+            'database_number' => '654896',
+            'company_name' => 'Fortnox',
+            'organization_number' => '555555-5555',
+            'zip_code' => '35246'
+          }
+        )
+      end
+    end
+
+    context 'when fetchin API data' do
+      let(:api_client) do
+        instance_double(OmniAuth::FortnoxOAuth2::API, get: nil)
+      end
+
+      before do
+        allow(fortnox_oauth2)
+          .to receive(:access_token)
+          .and_return(double('Bogus', token: 'abc', blank?: false))
+
+        allow(OmniAuth::FortnoxOAuth2::API)
+          .to receive(:new)
+          .and_return(api_client)
+      end
+
+      it 'calls to fetch data from /companyinformation' do
+        expect(api_client)
+          .to receive(:get)
+          .with('/companyinformation')
+          .and_return(raw_info)
+
+        fortnox_oauth2.info
+      end
+    end
+  end
+
+  describe '#callback_url' do
+    context 'when not set in options' do
+      let(:options) { { 'callback_path' => '/callback' } }
+      let(:request) do
+        double(
+          'Request',
+          scheme: 'https',
+          url: '1234',
+          params: { 'url' => '1234' }
+        )
+      end
+
+      before do
+        allow(fortnox_oauth2).to receive(:request) { request }
+        allow(fortnox_oauth2).to receive(:script_name).and_return('')
+      end
+
+      it 'returns correct url from current app' do
+        expect(fortnox_oauth2.callback_url).to eq('/callback')
+      end
+    end
+
+    context 'when set in options' do
+      it 'returns correct url from callback_url option' do
+        expect(fortnox_oauth2.callback_url)
+          .to eq('https://example.com/callback')
+      end
+    end
+  end
+
+  describe '#request_phase' do
+    before do
+      allow(fortnox_oauth2).to receive(:callback_url).and_return('')
+
+      fortnox_oauth2.request_phase
+    end
+
+    it 'includes the default scope' do
+      expect(fortnox_oauth2.authorize_params[:scope])
+        .to eq('companyinformation')
+    end
+
+    it 'includes the response type' do
+      expect(fortnox_oauth2.authorize_params[:response_type]).to eq('code')
+    end
+
+    context 'when setting scope in options' do
+      let(:options) { { 'scope' => 'companyinformation,invoice' } }
+
+      it 'uses the new scope' do
+        expect(fortnox_oauth2.authorize_params[:scope])
+          .to eq('companyinformation,invoice')
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,139 @@
+--- !ruby/object:Gem::Specification
+name: omniauth-fortnox-oauth2
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- svenne87
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2021-09-28 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry-byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '3'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: OmniAuth OAuth2 strategy for Fortnox
+email:
+- devops@standout.se
+executables:
+- console
+- setup
+extensions: []
+extra_rdoc_files: []
+files:
+- ".github/workflows/gempush.yml"
+- ".github/workflows/main.yml"
+- ".gitignore"
+- ".ruby-version"
+- Gemfile
+- Gemfile.lock
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/omniauth-fortnox-oauth2.rb
+- lib/omniauth/fortnox_oauth2/api.rb
+- lib/omniauth/fortnox_oauth2/version.rb
+- lib/omniauth/strategies/fortnox_oauth2.rb
+- omniauth-fortnox-oauth2.gemspec
+- spec/helper.rb
+- spec/omniauth/fortnox_oauth/api_spec.rb
+- spec/strategies/fortnox_spec.rb
+homepage: https://github.com/standout/omniauth-fortnox-oauth2
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/standout/omniauth-fortnox-oauth2
+  source_code_uri: https://github.com/standout/omniauth-fortnox-oauth2
+  changelog_uri: https://github.com/standout/omniauth-fortnox-oauth2
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - "~>"
+    - !ruby/object:Gem::Version
+      version: '3.0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.2.22
+signing_key: 
+specification_version: 4
+summary: OmniAuth OAuth2 strategy for Fortnox
+test_files:
+- spec/helper.rb
+- spec/omniauth/fortnox_oauth/api_spec.rb
+- spec/strategies/fortnox_spec.rb